[ home ]  [ private ]  [ 0Day ]  [ discount ]  [ Get Gold ]  [ platforms ]  [ pentest ]  [ search ]  [ faq ]  [ contact ]  [ style ]  [ Prices in Gold ]   db: 39 583    
0day Today Exploit DB Official Facebook
0day Today Exploit DB Official Twitter
0day Today Exploit DB Official RSS Channel
Tor
We DO NOT use Telegram or any messengers / social networks!
We DO NOT use Telegram or any messengers / social networks!

We DO NOT use Telegram or any messengers / social networks!

Please, beware of scammers!

 
0day.today - Biggest Exploit Database in the World.
Select your language:  
English
English
Русский
Русский
Deutsch
Deutsch
Türkçe
Türkçe
Français
Français
Italiano
Italiano
Español
Español
Romania
Romania
Polskie
Polskie
العربية
العربية
Japan
Japan
China
China
Things you should know about 0day.today:
  • We use one main domain: http://0day.today
  • Most of the materials is completely FREE
  • If you want to purchase the exploit / get V.I.P. access or pay for any other service,
    you need to buy or earn GOLD
We accept currencies: [contact admin to find more]
           
We don't want you to use our site as a tool for hacking purposes, so any kind of action that could affect illegaly other users or websites that you don't have right to access will be banned and your account including your data will be destroyed.

Administration of this site uses the official contacts. Beware of impostors!
We DO NOT use Telegram or any messengers / social networks! We DO NOT use Telegram or any messengers / social networks!
Please, beware of scammers!
I am registered user of 0day.today. I don't want to see this screen in future.
What to do first?
  1. Read the [ agreement ]
  2. Read the [ Submit ] rules
  3. Visit the [ faq ] page
  4. [ Register ] profile
  5. Get [ GOLD ]
  6. If you want to [ sell ]
  7. If you want to [ buy ]
  8. If you lost [ Account ]
  9. Any questions [ admin@0day.today ]


Main links


You can contact us by

Mail:
mr.inj3ct0r@gmail.com
Facebook:
Inj3ct0rs
Twitter:
Inj3ct0r
Telegram:
We DO NOT use Telegram or any messengers / social networks!
[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
Mail:
mr.inj3ct0r@gmail.com
Facebook:
Inj3ct0rs
Twitter:
Inj3ct0r
Telegram:
We DO NOT use Telegram or any messengers / social networks!
0day Today Exploits Market and 0day Exploits Database

LibTIFF 'LZWDecodeCompat()' Remote Buffer Underflow Vulnerability

Author
wololo
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-9769
Category
dos / poc
Date add
12-11-2009
Platform
unsorted
=================================================================
LibTIFF 'LZWDecodeCompat()' Remote Buffer Underflow Vulnerability
=================================================================

# Title: LibTIFF 'LZWDecodeCompat()' Remote Buffer Underflow Vulnerability
# CVE-ID: (2009-2285)
# OSVDB-ID: ()
# Author: wololo
# Published: 2009-11-12
# Verified: yes

view source
print?
Class: Boundary Condition Error
 
Published: Jun 21 2009 12:00AM
Updated: Nov 12 2009 06:46PM
Credit: wololo
Vulnerable: Ubuntu Ubuntu Linux 9.04 sparc
Ubuntu Ubuntu Linux 9.04 powerpc
Ubuntu Ubuntu Linux 9.04 lpia
Ubuntu Ubuntu Linux 9.04 i386
Ubuntu Ubuntu Linux 9.04 amd64
Ubuntu Ubuntu Linux 8.10 sparc
Ubuntu Ubuntu Linux 8.10 powerpc
Ubuntu Ubuntu Linux 8.10 lpia
Ubuntu Ubuntu Linux 8.10 i386
Ubuntu Ubuntu Linux 8.10 amd64
Ubuntu Ubuntu Linux 8.04 LTS sparc
Ubuntu Ubuntu Linux 8.04 LTS powerpc
Ubuntu Ubuntu Linux 8.04 LTS lpia
Ubuntu Ubuntu Linux 8.04 LTS i386
Ubuntu Ubuntu Linux 8.04 LTS amd64
Ubuntu Ubuntu Linux 6.06 LTS sparc
Ubuntu Ubuntu Linux 6.06 LTS powerpc
Ubuntu Ubuntu Linux 6.06 LTS i386
Ubuntu Ubuntu Linux 6.06 LTS amd64
Sun Solaris 9_x86
Sun Solaris 9
Sun Solaris 8_x86
Sun Solaris 8
Sun Solaris 10_x86
Sun Solaris 10
Sun OpenSolaris build snv_98
Sun OpenSolaris build snv_96
Sun OpenSolaris build snv_95
Sun OpenSolaris build snv_94
Sun OpenSolaris build snv_93
Sun OpenSolaris build snv_92
Sun OpenSolaris build snv_91
Sun OpenSolaris build snv_90
Sun OpenSolaris build snv_89
Sun OpenSolaris build snv_88
Sun OpenSolaris build snv_87
Sun OpenSolaris build snv_86
Sun OpenSolaris build snv_85
Sun OpenSolaris build snv_84
Sun OpenSolaris build snv_83
Sun OpenSolaris build snv_82
Sun OpenSolaris build snv_81
Sun OpenSolaris build snv_80
Sun OpenSolaris build snv_78
Sun OpenSolaris build snv_77
Sun OpenSolaris build snv_76
Sun OpenSolaris build snv_68
Sun OpenSolaris build snv_67
Sun OpenSolaris build snv_64
Sun OpenSolaris build snv_61
Sun OpenSolaris build snv_59
Sun OpenSolaris build snv_58
Sun OpenSolaris build snv_57
Sun OpenSolaris build snv_54
Sun OpenSolaris build snv_51
Sun OpenSolaris build snv_50
Sun OpenSolaris build snv_49
Sun OpenSolaris build snv_47
Sun OpenSolaris build snv_45
Sun OpenSolaris build snv_41
Sun OpenSolaris build snv_39
Sun OpenSolaris build snv_38
Sun OpenSolaris build snv_37
Sun OpenSolaris build snv_36
Sun OpenSolaris build snv_29
Sun OpenSolaris build snv_28
Sun OpenSolaris build snv_22
Sun OpenSolaris build snv_19
Sun OpenSolaris build snv_13
Sun OpenSolaris build snv_02
Sun OpenSolaris build snv_01
S.u.S.E. SLE 11
S.u.S.E. SLE 10
S.u.S.E. openSUSE 11.1
S.u.S.E. openSUSE 11.0
S.u.S.E. openSUSE 10.3
S.u.S.E. Open-Enterprise-Server 0
S.u.S.E. Novell Linux Desktop 9.0
S.u.S.E. Linux Enterprise Server 9
RedHat Fedora 9 0
RedHat Fedora 11
RedHat Fedora 10
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux ES 3
RedHat Enterprise Linux Desktop Workstation 5 client
RedHat Enterprise Linux Desktop 5 client
RedHat Enterprise Linux AS 4
RedHat Enterprise Linux AS 3
RedHat Enterprise Linux Desktop version 4
RedHat Enterprise Linux 5 server
RedHat Desktop 3.0
Pardus Linux 2008 0
MandrakeSoft Multi Network Firewall 2.0
MandrakeSoft Linux Mandrake 2009.1 x86_64
MandrakeSoft Linux Mandrake 2009.1
MandrakeSoft Linux Mandrake 2009.0 x86_64
MandrakeSoft Linux Mandrake 2009.0
MandrakeSoft Linux Mandrake 2008.1 x86_64
MandrakeSoft Linux Mandrake 2008.1
MandrakeSoft Enterprise Server 5 x86_64
MandrakeSoft Enterprise Server 5
MandrakeSoft Corporate Server 4.0 x86_64
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
MandrakeSoft Corporate Server 4.0
LibTIFF LibTIFF 3.8.2
+ Debian Linux 3.1 sparc
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1
GNOME Gnome 2.0
Gentoo Linux
Debian Linux 5.0 sparc
Debian Linux 5.0 s/390
Debian Linux 5.0 powerpc
Debian Linux 5.0 mipsel
Debian Linux 5.0 mips
Debian Linux 5.0 m68k
Debian Linux 5.0 ia-64
Debian Linux 5.0 ia-32
Debian Linux 5.0 hppa
Debian Linux 5.0 armel
Debian Linux 5.0 arm
Debian Linux 5.0 amd64
Debian Linux 5.0 alpha
Debian Linux 5.0
Debian Linux 4.0 sparc
Debian Linux 4.0 s/390
Debian Linux 4.0 powerpc
Debian Linux 4.0 mipsel
Debian Linux 4.0 mips
Debian Linux 4.0 m68k
Debian Linux 4.0 ia-64
Debian Linux 4.0 ia-32
Debian Linux 4.0 hppa
Debian Linux 4.0 armel
Debian Linux 4.0 arm
Debian Linux 4.0 amd64
Debian Linux 4.0 alpha
Debian Linux 4.0
Apple Mac OS X Server 10.6.1
Apple Mac OS X Server 10.6
Apple Mac OS X 10.6.1
Apple Mac OS X 10.6
Not Vulnerable: Sun OpenSolaris build snv_99
Apple Mac OS X Server 10.6.2
Apple Mac OS X 10.6.2
 
LibTIFF is prone to a remote buffer-underflow vulnerability because it fails to perform adequate boundary checks on user-supplied data.
 
An attacker can exploit this issue to execute arbitrary malicious code in the context of a user running an application that uses the affected library. Failed exploit attempts will likely crash the application.
 
LibTIFF 3.8.2 is vulnerable; other versions may be affected as well.

poc: http://inj3ct0r.com/sploits/9769.zip



#  0day.today [2024-11-15]  #
0day Today Exploit Database buy and sell exploits type (local, remote, DoS, PoC, etc.)
Send all submissions to mr.inj3ct0r[at]gmail.com
Copyright © 2008-2024 0day Today Team